summaryrefslogtreecommitdiff
path: root/debian/patches-applied/055_pam_unix_nullok_secure
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2014-01-14 09:30:06 +0000
committerSteve Langasek <vorlon@debian.org>2019-01-08 22:11:52 -0800
commit76063db40810118bf431971dade8871633d06864 (patch)
treebf04fce4c2288ebf24e3465697b25b40a267172e /debian/patches-applied/055_pam_unix_nullok_secure
parente4b6c30426509601fddd1611f7db99b076626c17 (diff)
Another round of patch refreshing
Diffstat (limited to 'debian/patches-applied/055_pam_unix_nullok_secure')
-rw-r--r--debian/patches-applied/055_pam_unix_nullok_secure53
1 files changed, 26 insertions, 27 deletions
diff --git a/debian/patches-applied/055_pam_unix_nullok_secure b/debian/patches-applied/055_pam_unix_nullok_secure
index f0b0a3d2..8c1b84c7 100644
--- a/debian/patches-applied/055_pam_unix_nullok_secure
+++ b/debian/patches-applied/055_pam_unix_nullok_secure
@@ -11,12 +11,11 @@ Index: pam.debian/modules/pam_unix/support.c
===================================================================
--- pam.debian.orig/modules/pam_unix/support.c
+++ pam.debian/modules/pam_unix/support.c
-@@ -84,14 +84,22 @@
+@@ -189,13 +189,22 @@
/* now parse the arguments to this module */
for (; argc-- > 0; ++argv) {
-- int j;
-+ int j, sl;
++ int sl;
D(("pam_unix arg: %s", *argv));
@@ -38,7 +37,7 @@ Index: pam.debian/modules/pam_unix/support.c
}
}
-@@ -461,6 +469,7 @@
+@@ -565,6 +574,7 @@
child = fork();
if (child == 0) {
int i=0;
@@ -46,7 +45,7 @@ Index: pam.debian/modules/pam_unix/support.c
struct rlimit rlim;
static char *envp[] = { NULL };
char *args[] = { NULL, NULL, NULL, NULL };
-@@ -488,7 +497,18 @@
+@@ -595,7 +605,18 @@
/* exec binary helper */
args[0] = strdup(CHKPWD_HELPER);
args[1] = x_strdup(user);
@@ -66,7 +65,7 @@ Index: pam.debian/modules/pam_unix/support.c
args[2]=strdup("nullok");
} else {
args[2]=strdup("nonull");
-@@ -567,6 +587,17 @@
+@@ -675,6 +696,17 @@
if (on(UNIX__NONULL, ctrl))
return 0; /* will fail but don't let on yet */
@@ -84,7 +83,7 @@ Index: pam.debian/modules/pam_unix/support.c
/* UNIX passwords area */
retval = get_pwd_hash(pamh, name, &pwd, &salt);
-@@ -653,7 +684,8 @@
+@@ -761,7 +793,8 @@
}
}
} else {
@@ -98,7 +97,7 @@ Index: pam.debian/modules/pam_unix/support.h
===================================================================
--- pam.debian.orig/modules/pam_unix/support.h
+++ pam.debian/modules/pam_unix/support.h
-@@ -91,8 +91,9 @@
+@@ -98,8 +98,9 @@
#define UNIX_BLOWFISH_PASS 26 /* new password hashes will use blowfish */
#define UNIX_MIN_PASS_LEN 27 /* min length for password */
#define UNIX_OBSCURE_CHECKS 28 /* enable obscure checks on passwords */
@@ -109,24 +108,24 @@ Index: pam.debian/modules/pam_unix/support.h
#define UNIX_DES_CRYPT(ctrl) (off(UNIX_MD5_PASS,ctrl)&&off(UNIX_BIGCRYPT,ctrl)&&off(UNIX_SHA256_PASS,ctrl)&&off(UNIX_SHA512_PASS,ctrl)&&off(UNIX_BLOWFISH_PASS,ctrl))
-@@ -110,7 +111,7 @@
- /* UNIX_NOT_SET_PASS */ {"not_set_pass", _ALL_ON_, 0x40},
- /* UNIX__PRELIM */ {NULL, _ALL_ON_^(0x180), 0x80},
- /* UNIX__UPDATE */ {NULL, _ALL_ON_^(0x180), 0x100},
--/* UNIX__NONULL */ {NULL, _ALL_ON_, 0x200},
-+/* UNIX__NONULL */ {NULL, _ALL_ON_^(0x10000000), 0x200},
- /* UNIX__QUIET */ {NULL, _ALL_ON_, 0x400},
- /* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 0x800},
- /* UNIX_SHADOW */ {"shadow", _ALL_ON_, 0x1000},
-@@ -130,6 +131,7 @@
- /* UNIX_BLOWFISH_PASS */ {"blowfish", _ALL_ON_^(0x2C22000),0x2000000},
- /* UNIX_MIN_PASS_LEN */ {"minlen=", _ALL_ON_, 0x4000000},
- /* UNIX_OBSCURE_CHECKS */ {"obscure", _ALL_ON_, 0x8000000},
-+/* UNIX_NULLOK_SECURE */ {"nullok_secure", _ALL_ON_^(0x200), 0x10000000},
+@@ -117,7 +118,7 @@
+ /* UNIX_NOT_SET_PASS */ {"not_set_pass", _ALL_ON_, 0x40, 0},
+ /* UNIX__PRELIM */ {NULL, _ALL_ON_^(0x180), 0x80, 0},
+ /* UNIX__UPDATE */ {NULL, _ALL_ON_^(0x180), 0x100, 0},
+-/* UNIX__NONULL */ {NULL, _ALL_ON_, 0x200, 0},
++/* UNIX__NONULL */ {NULL, _ALL_ON_^(0x10000000), 0x200, 0},
+ /* UNIX__QUIET */ {NULL, _ALL_ON_, 0x400, 0},
+ /* UNIX_USE_AUTHTOK */ {"use_authtok", _ALL_ON_, 0x800, 0},
+ /* UNIX_SHADOW */ {"shadow", _ALL_ON_, 0x1000, 0},
+@@ -137,6 +138,7 @@
+ /* UNIX_BLOWFISH_PASS */ {"blowfish", _ALL_ON_^(0x2C22000),0x2000000, 1},
+ /* UNIX_MIN_PASS_LEN */ {"minlen=", _ALL_ON_, 0x4000000, 0},
+ /* UNIX_OBSCURE_CHECKS */ {"obscure", _ALL_ON_, 0x8000000, 0},
++/* UNIX_NULLOK_SECURE */ {"nullok_secure", _ALL_ON_^(0x200), 0x10000000, 0},
};
#define UNIX_DEFAULTS (unix_args[UNIX__NONULL].flag)
-@@ -165,6 +167,9 @@
+@@ -172,6 +174,9 @@
,const char *data_name
,const void **pass);
@@ -143,7 +142,7 @@ Index: pam.debian/modules/pam_unix/Makefile.am
@@ -30,7 +30,8 @@
pam_unix_la_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
endif
- pam_unix_la_LIBADD = -L$(top_builddir)/libpam -lpam \
+ pam_unix_la_LIBADD = $(top_builddir)/libpam/libpam.la \
- @LIBCRYPT@ @LIBSELINUX@ $(NIS_LIBS)
+ @LIBCRYPT@ @LIBSELINUX@ $(NIS_LIBS) \
+ ../pam_securetty/tty_secure.lo
@@ -154,7 +153,7 @@ Index: pam.debian/modules/pam_unix/README
===================================================================
--- pam.debian.orig/modules/pam_unix/README
+++ pam.debian/modules/pam_unix/README
-@@ -57,7 +57,16 @@
+@@ -58,7 +58,16 @@
The default action of this module is to not permit the user access to a
service if their official password is blank. The nullok argument overrides
@@ -176,7 +175,7 @@ Index: pam.debian/modules/pam_unix/pam_unix.8
===================================================================
--- pam.debian.orig/modules/pam_unix/pam_unix.8
+++ pam.debian/modules/pam_unix/pam_unix.8
-@@ -79,7 +79,14 @@
+@@ -82,7 +82,14 @@
.RS 4
The default action of this module is to not permit the user access to a service if their official password is blank\&. The
\fBnullok\fR
@@ -196,7 +195,7 @@ Index: pam.debian/modules/pam_unix/pam_unix.8.xml
===================================================================
--- pam.debian.orig/modules/pam_unix/pam_unix.8.xml
+++ pam.debian/modules/pam_unix/pam_unix.8.xml
-@@ -135,7 +135,24 @@
+@@ -137,7 +137,24 @@
<para>
The default action of this module is to not permit the
user access to a service if their official password is blank.